Path Traversal Vulnerability in Splunk Enterprise and Cloud Platform
CVE-2026-20297

7.2HIGH

Key Information:

Vendor

Splunk

Vendor
CVE Published:
15 July 2026

What is CVE-2026-20297?

In certain versions of Splunk Enterprise and Splunk Cloud Platform, a user with permissions to edit and install apps can exploit a path traversal issue in the app installation process. This flaw allows the installation of legitimate applications to write files outside their designated directories, specifically into the $SPLUNK_HOME/etc/ directory and its subdirectories. Such behavior poses significant risks, as it may enable unauthorized access to sensitive files, leading to potential escalations in security vulnerabilities.

Affected Version(s)

Splunk Cloud Platform 10.5.2605 < 10.5.2605.0

Splunk Cloud Platform 10.4.2604 < 10.4.2604.6

Splunk Cloud Platform 10.2.2510 < 10.2.2510.18

References

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Vinay Manivel, Splunk
.